CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1521 – mysql: unspecified vulnerability related to Server Locking (CPU April 2013)
https://notcve.org/view.php?id=CVE-2013-1521
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking. Vulnerabilidad no especificada en Oracle MySQL v5.1.67 y anteriores y v5.5.29 y anteriores permite a atacantes remotos afectar la integridad, confidencialidad y disponibilidad mediante vectores desconocidos relacionados con Server Locking. • http://rhn.redhat.com/errata/RHSA-2013-0772.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html https://access.redhat.com/security/cve/CVE-2013-1521 https://bugzilla.redhat.com/show_bug.cgi?id=952861 •
CVSS: 3.5EPSS: 0%CPEs: 11EXPL: 0CVE-2013-1566
https://notcve.org/view.php?id=CVE-2013-1566
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en Oracle MySQL v5.6.10 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con InnoDB. • http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html •
CVSS: 4.0EPSS: 0%CPEs: 10EXPL: 0CVE-2013-1532 – mysql: unspecified DoS related to Information Schema (CPU April 2013)
https://notcve.org/view.php?id=CVE-2013-1532
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en Oracle MySQL v5.1.68 y anteriores, v5.5.30 y anteriores, y v5.6.10 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores desconocidos relacionados con Information Schema. • http://rhn.redhat.com/errata/RHSA-2013-0772.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html https://access.redhat.com/security/cve/CVE-2013-1532 https://bugzilla.redhat.com/show_bug.cgi?id=952871 •
CVSS: 3.5EPSS: 0%CPEs: 10EXPL: 0CVE-2013-1506 – mysql: unspecified DoS related to Server Locking (CPU April 2013)
https://notcve.org/view.php?id=CVE-2013-1506
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking. Vulnerabilidad sin especificar en Oracle MySQL 5.1.67 y anteriores, 5.6.10 y anteriores y 5.5.29 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a través de vectores no especificados relacionados con Server Locking. • http://rhn.redhat.com/errata/RHSA-2013-0772.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html https://access.redhat.com/security/cve/CVE-2013-1506 https://bugzilla.redhat.com/show_bug.cgi?id=952899 •
CVSS: 7.5EPSS: 3%CPEs: 107EXPL: 0CVE-2013-1492 – MySQL yaSSL Heap Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1492
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553. Desbordamiento de búfer en yaSSL, como se usa en MySQL v5.1.x hasta 5.1.68 y en v5.5.x antes de v5.5.30, tiene un impacto no especificado y vectores de ataque, una vulnerabilidad diferente a CVE-2012-0553. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MySQL with yaSSL. Authentication is not required to exploit this vulnerability. The specific flaw exists within the yaSSL library that is optionally used by MySQL for SSL communication. There exists an off-by-one overflow that is repeatedly performed during the SSL handshake. • http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html http://secunia.com/advisories/52445 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •